[ros-users] [Discourse.ros.org] [Next Generation ROS] SROS2 - Securing certs and keys
Ethan Gao
ros.discourse at gmail.com
Fri Aug 11 02:25:22 UTC 2017
It seems that this solution focus more on external authentication to an IMR(Industrial Mobile Robot), you know, now the ROS nodes can employ the key/certificate produced using SROS2 to authenticate/encrypt/access control for the nodes/topics etc, but do you think it's necessary to provide the security to the key/certificate itself ? now they're placed on the disk without any protection, that means it's easy to be accessed or tampered.
BTW, you know more details regarding the details of SROS2 implementation, so could u please help double confirm/clarify the following questions:
1. Keystore: does it support key exchange between publisher / subscriber, etc? Can keystore be changed?
2. Encryption of data AES-GCM-GMAC: used to have license issue on GCM, has its license model been changed?
3. Tools to create keystore, certificates: are they out-of-band tool that user needs to use this tool to create keystore manually first then pass it to DDS? How does the whole solution work?
4. Is there any access control for SROS2: tools, encryption, etc?
Many thanks
BRs
---
[Visit Topic](https://discourse.ros.org/t/sros2-securing-certs-and-keys/2400/10) or reply to this email to respond.
More information about the ros-users
mailing list